namespace Friendica\Model;
+use DivineOmega\DOFileCachePSR6\CacheItemPool;
use DivineOmega\PasswordExposed;
+use ErrorException;
use Exception;
use Friendica\Content\Pager;
use Friendica\Core\Hook;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Model\TwoFactor\AppSpecificPassword;
-use Friendica\Network\HTTPException\InternalServerErrorException;
+use Friendica\Network\HTTPException;
use Friendica\Object\Image;
use Friendica\Util\Crypto;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Network;
use Friendica\Util\Strings;
use Friendica\Worker\Delivery;
+use ImagickException;
use LightOpenID;
/**
* @}
*/
+ private static $owner;
+
+ /**
+ * Returns the numeric account type by their string
+ *
+ * @param string $accounttype as string constant
+ * @return int|null Numeric account type - or null when not set
+ */
+ public static function getAccountTypeByString(string $accounttype)
+ {
+ switch ($accounttype) {
+ case 'person':
+ return User::ACCOUNT_TYPE_PERSON;
+ case 'organisation':
+ return User::ACCOUNT_TYPE_ORGANISATION;
+ case 'news':
+ return User::ACCOUNT_TYPE_NEWS;
+ case 'community':
+ return User::ACCOUNT_TYPE_COMMUNITY;
+ default:
+ return null;
+ break;
+ }
+ }
+
+ /**
+ * Fetch the system account
+ *
+ * @return array system account
+ */
+ public static function getSystemAccount()
+ {
+ $system = Contact::selectFirst([], ['self' => true, 'uid' => 0]);
+ if (!DBA::isResult($system)) {
+ self::createSystemAccount();
+ $system = Contact::selectFirst([], ['self' => true, 'uid' => 0]);
+ if (!DBA::isResult($system)) {
+ return [];
+ }
+ }
+
+ $system['sprvkey'] = $system['uprvkey'] = $system['prvkey'];
+ $system['spubkey'] = $system['upubkey'] = $system['pubkey'];
+ $system['nickname'] = $system['nick'];
+ return $system;
+ }
+
+ /**
+ * Create the system account
+ *
+ * @return void
+ */
+ private static function createSystemAccount()
+ {
+ $system_actor_name = self::getActorName();
+ if (empty($system_actor_name)) {
+ return;
+ }
+
+ $keys = Crypto::newKeypair(4096);
+ if ($keys === false) {
+ throw new Exception(DI::l10n()->t('SERIOUS ERROR: Generation of security keys failed.'));
+ }
+
+ $system = [];
+ $system['uid'] = 0;
+ $system['created'] = DateTimeFormat::utcNow();
+ $system['self'] = true;
+ $system['network'] = Protocol::ACTIVITYPUB;
+ $system['name'] = 'System Account';
+ $system['addr'] = $system_actor_name . '@' . DI::baseUrl()->getHostname();
+ $system['nick'] = $system_actor_name;
+ $system['avatar'] = DI::baseUrl() . Contact::DEFAULT_AVATAR_PHOTO;
+ $system['photo'] = DI::baseUrl() . Contact::DEFAULT_AVATAR_PHOTO;
+ $system['thumb'] = DI::baseUrl() . Contact::DEFAULT_AVATAR_THUMB;
+ $system['micro'] = DI::baseUrl() . Contact::DEFAULT_AVATAR_MICRO;
+ $system['url'] = DI::baseUrl() . '/friendica';
+ $system['nurl'] = Strings::normaliseLink($system['url']);
+ $system['pubkey'] = $keys['pubkey'];
+ $system['prvkey'] = $keys['prvkey'];
+ $system['blocked'] = 0;
+ $system['pending'] = 0;
+ $system['contact-type'] = Contact::TYPE_RELAY; // In AP this is translated to 'Application'
+ $system['name-date'] = DateTimeFormat::utcNow();
+ $system['uri-date'] = DateTimeFormat::utcNow();
+ $system['avatar-date'] = DateTimeFormat::utcNow();
+ $system['closeness'] = 0;
+ $system['baseurl'] = DI::baseUrl();
+ $system['gsid'] = GServer::getID($system['baseurl']);
+ DBA::insert('contact', $system);
+ }
+
+ /**
+ * Detect a usable actor name
+ *
+ * @return string actor account name
+ */
+ public static function getActorName()
+ {
+ $system_actor_name = DI::config()->get('system', 'actor_name');
+ if (!empty($system_actor_name)) {
+ $self = Contact::selectFirst(['nick'], ['uid' => 0, 'self' => true]);
+ if (!empty($self['nick'])) {
+ if ($self['nick'] != $system_actor_name) {
+ // Reset the actor name to the already used name
+ DI::config()->set('system', 'actor_name', $self['nick']);
+ $system_actor_name = $self['nick'];
+ }
+ }
+ return $system_actor_name;
+ }
+
+ // List of possible actor names
+ $possible_accounts = ['friendica', 'actor', 'system', 'internal'];
+ foreach ($possible_accounts as $name) {
+ if (!DBA::exists('user', ['nickname' => $name, 'account_removed' => false, 'expire']) &&
+ !DBA::exists('userd', ['username' => $name])) {
+ DI::config()->set('system', 'actor_name', $name);
+ return $name;
+ }
+ }
+ return '';
+ }
+
/**
* Returns true if a user record exists with the provided id
*
* @return integer user id
* @throws Exception
*/
- public static function getIdForURL($url)
+ public static function getIdForURL(string $url)
{
- $self = DBA::selectFirst('contact', ['uid'], ['nurl' => Strings::normaliseLink($url), 'self' => true]);
- if (!DBA::isResult($self)) {
- return false;
- } else {
+ // Avoid any database requests when the hostname isn't even part of the url.
+ if (!strpos($url, DI::baseUrl()->getHostname())) {
+ return 0;
+ }
+
+ $self = Contact::selectFirst(['uid'], ['self' => true, 'nurl' => Strings::normaliseLink($url)]);
+ if (!empty($self['uid'])) {
return $self['uid'];
}
+
+ $self = Contact::selectFirst(['uid'], ['self' => true, 'addr' => $url]);
+ if (!empty($self['uid'])) {
+ return $self['uid'];
+ }
+
+ $self = Contact::selectFirst(['uid'], ['self' => true, 'alias' => [$url, Strings::normaliseLink($url)]]);
+ if (!empty($self['uid'])) {
+ return $self['uid'];
+ }
+
+ return 0;
}
/**
return DBA::selectFirst('user', $fields, ['email' => $email]);
}
+ /**
+ * Fetch the user array of the administrator. The first one if there are several.
+ *
+ * @param array $fields
+ * @return array user
+ */
+ public static function getFirstAdmin(array $fields = [])
+ {
+ if (!empty(DI::config()->get('config', 'admin_nickname'))) {
+ return self::getByNickname(DI::config()->get('config', 'admin_nickname'), $fields);
+ } elseif (!empty(DI::config()->get('config', 'admin_email'))) {
+ $adminList = explode(',', str_replace(' ', '', DI::config()->get('config', 'admin_email')));
+ return self::getByEmail($adminList[0], $fields);
+ } else {
+ return [];
+ }
+ }
+
/**
* Get owner data by user id
*
* @return boolean|array
* @throws Exception
*/
- public static function getOwnerDataById($uid, $check_valid = true)
+ public static function getOwnerDataById(int $uid, bool $check_valid = true)
{
- $r = DBA::fetchFirst(
- "SELECT
- `contact`.*,
- `user`.`prvkey` AS `uprvkey`,
- `user`.`timezone`,
- `user`.`nickname`,
- `user`.`sprvkey`,
- `user`.`spubkey`,
- `user`.`page-flags`,
- `user`.`account-type`,
- `user`.`prvnets`,
- `user`.`account_removed`,
- `user`.`hidewall`
- FROM `contact`
- INNER JOIN `user`
- ON `user`.`uid` = `contact`.`uid`
- WHERE `contact`.`uid` = ?
- AND `contact`.`self`
- LIMIT 1",
- $uid
- );
- if (!DBA::isResult($r)) {
- return false;
+ if ($uid == 0) {
+ return self::getSystemAccount();
+ }
+
+ if (!empty(self::$owner[$uid])) {
+ return self::$owner[$uid];
+ }
+
+ $owner = DBA::selectFirst('owner-view', [], ['uid' => $uid]);
+ if (!DBA::isResult($owner)) {
+ if (!DBA::exists('user', ['uid' => $uid]) || !$check_valid) {
+ return false;
+ }
+ Contact::createSelfFromUserId($uid);
+ $owner = self::getOwnerDataById($uid, false);
}
- if (empty($r['nickname'])) {
+ if (empty($owner['nickname'])) {
return false;
}
if (!$check_valid) {
- return $r;
+ return $owner;
}
// Check if the returned data is valid, otherwise fix it. See issue #6122
// Check for correct url and normalised nurl
- $url = DI::baseUrl() . '/profile/' . $r['nickname'];
- $repair = ($r['url'] != $url) || ($r['nurl'] != Strings::normaliseLink($r['url']));
+ $url = DI::baseUrl() . '/profile/' . $owner['nickname'];
+ $repair = ($owner['url'] != $url) || ($owner['nurl'] != Strings::normaliseLink($owner['url']));
if (!$repair) {
// Check if "addr" is present and correct
- $addr = $r['nickname'] . '@' . substr(DI::baseUrl(), strpos(DI::baseUrl(), '://') + 3);
- $repair = ($addr != $r['addr']);
+ $addr = $owner['nickname'] . '@' . substr(DI::baseUrl(), strpos(DI::baseUrl(), '://') + 3);
+ $repair = ($addr != $owner['addr']) || empty($owner['prvkey']) || empty($owner['pubkey']);
}
if (!$repair) {
// Check if the avatar field is filled and the photo directs to the correct path
$avatar = Photo::selectFirst(['resource-id'], ['uid' => $uid, 'profile' => true]);
if (DBA::isResult($avatar)) {
- $repair = empty($r['avatar']) || !strpos($r['photo'], $avatar['resource-id']);
+ $repair = empty($owner['avatar']) || !strpos($owner['photo'], $avatar['resource-id']);
}
}
if ($repair) {
Contact::updateSelfFromUserID($uid);
// Return the corrected data and avoid a loop
- $r = self::getOwnerDataById($uid, false);
+ $owner = self::getOwnerDataById($uid, false);
}
- return $r;
+ self::$owner[$uid] = $owner;
+ return $owner;
}
/**
/**
* Returns the default group for a given user and network
*
- * @param int $uid User id
+ * @param int $uid User id
* @param string $network network name
*
* @return int group id
- * @throws InternalServerErrorException
+ * @throws Exception
*/
public static function getDefaultGroup($uid, $network = '')
{
* @param string $password
* @param bool $third_party
* @return int User Id if authentication is successful
- * @throws Exception
+ * @throws HTTPException\ForbiddenException
+ * @throws HTTPException\NotFoundException
*/
public static function getIdFromPasswordAuthentication($user_info, $password, $third_party = false)
{
return $user['uid'];
}
- throw new Exception(DI::l10n()->t('Login failed'));
+ throw new HTTPException\ForbiddenException(DI::l10n()->t('Login failed'));
}
/**
*
* @param mixed $user_info
* @return array
- * @throws Exception
+ * @throws HTTPException\NotFoundException
*/
private static function getAuthenticationInfo($user_info)
{
}
if (!DBA::isResult($user)) {
- throw new Exception(DI::l10n()->t('User not found'));
+ throw new HTTPException\NotFoundException(DI::l10n()->t('User not found'));
}
}
* Generates a human-readable random password
*
* @return string
+ * @throws Exception
*/
public static function generateNewPassword()
{
*/
public static function isPasswordExposed($password)
{
- $cache = new \DivineOmega\DOFileCachePSR6\CacheItemPool();
+ $cache = new CacheItemPool();
$cache->changeConfig([
'cacheDirectory' => get_temppath() . '/password-exposed-cache/',
]);
$passwordExposedChecker = new PasswordExposed\PasswordExposedChecker(null, $cache);
return $passwordExposedChecker->passwordExposed($password) === PasswordExposed\PasswordStatus::EXPOSED;
- } catch (\Exception $e) {
+ } catch (Exception $e) {
Logger::error('Password Exposed Exception: ' . $e->getMessage(), [
'code' => $e->getCode(),
'file' => $e->getFile(),
*
* @param string $nickname The nickname that should be checked
* @return boolean True is the nickname is blocked on the node
- * @throws InternalServerErrorException
*/
public static function isNicknameBlocked($nickname)
{
$forbidden_nicknames = DI::config()->get('system', 'forbidden_nicknames', '');
+ if (!empty($forbidden_nicknames)) {
+ $forbidden = explode(',', $forbidden_nicknames);
+ $forbidden = array_map('trim', $forbidden);
+ } else {
+ $forbidden = [];
+ }
+
+ // Add the name of the internal actor to the "forbidden" list
+ $actor_name = self::getActorName();
+ if (!empty($actor_name)) {
+ $forbidden[] = $actor_name;
+ }
- // if the config variable is empty return false
- if (empty($forbidden_nicknames)) {
+ if (empty($forbidden)) {
return false;
}
// check if the nickname is in the list of blocked nicknames
- $forbidden = explode(',', $forbidden_nicknames);
- $forbidden = array_map('trim', $forbidden);
if (in_array(strtolower($nickname), $forbidden)) {
return true;
}
*
* @param array $data
* @return array
- * @throws \ErrorException
- * @throws InternalServerErrorException
- * @throws \ImagickException
+ * @throws ErrorException
+ * @throws HTTPException\InternalServerErrorException
+ * @throws ImagickException
* @throws Exception
*/
public static function create(array $data)
$nickname = $data['nickname'] = strtolower($nickname);
- if (!preg_match('/^[a-z0-9][a-z0-9\_]*$/', $nickname)) {
+ if (!preg_match('/^[a-z0-9][a-z0-9_]*$/', $nickname)) {
throw new Exception(DI::l10n()->t('Your nickname can only contain a-z, 0-9 and _.'));
}
$photo_failure = false;
$filename = basename($photo);
- $img_str = Network::fetchUrl($photo, true);
- // guess mimetype from headers or filename
- $type = Images::guessType($photo, true);
+ $curlResult = DI::httpRequest()->get($photo);
+ if ($curlResult->isSuccess()) {
+ $img_str = $curlResult->getBody();
+ $type = $curlResult->getContentType();
+ } else {
+ $img_str = '';
+ $type = '';
+ }
+
+ $type = Images::getMimeTypeByData($img_str, $photo, $type);
$Image = new Image($img_str, $type);
if ($Image->isValid()) {
*
* @return bool True, if the allow was successful
*
- * @throws InternalServerErrorException
+ * @throws HTTPException\InternalServerErrorException
* @throws Exception
*/
public static function allow(string $hash)
* @param string $lang The user's language (default is english)
*
* @return bool True, if the user was created successfully
- * @throws InternalServerErrorException
- * @throws \ErrorException
- * @throws \ImagickException
+ * @throws HTTPException\InternalServerErrorException
+ * @throws ErrorException
+ * @throws ImagickException
*/
public static function createMinimal(string $name, string $email, string $nick, string $lang = L10n::DEFAULT)
{
if (empty($name) ||
empty($email) ||
empty($nick)) {
- throw new InternalServerErrorException('Invalid arguments.');
+ throw new HTTPException\InternalServerErrorException('Invalid arguments.');
}
$result = self::create([
* @param string $siteurl
* @param string $password Plaintext password
* @return NULL|boolean from notification() and email() inherited
- * @throws InternalServerErrorException
+ * @throws HTTPException\InternalServerErrorException
*/
public static function sendRegisterPendingEmail($user, $sitename, $siteurl, $password)
{
*
* It's here as a function because the mail is sent from different parts
*
- * @param \Friendica\Core\L10n $l10n The used language
- * @param array $user User record array
- * @param string $sitename
- * @param string $siteurl
- * @param string $password Plaintext password
+ * @param L10n $l10n The used language
+ * @param array $user User record array
+ * @param string $sitename
+ * @param string $siteurl
+ * @param string $password Plaintext password
*
* @return NULL|boolean from notification() and email() inherited
- * @throws InternalServerErrorException
+ * @throws HTTPException\InternalServerErrorException
*/
- public static function sendRegisterOpenEmail(\Friendica\Core\L10n $l10n, $user, $sitename, $siteurl, $password)
+ public static function sendRegisterOpenEmail(L10n $l10n, $user, $sitename, $siteurl, $password)
{
$preamble = Strings::deindent($l10n->t(
'
/**
* @param int $uid user to remove
* @return bool
- * @throws InternalServerErrorException
+ * @throws HTTPException\InternalServerErrorException
*/
public static function remove(int $uid)
{
// unique), so it cannot be re-registered in the future.
DBA::insert('userd', ['username' => $user['nickname']]);
- // The user and related data will be deleted in "cron_expire_and_remove_users" (cronjobs.php)
+ // The user and related data will be deleted in Friendica\Worker\ExpireAndRemoveUsers
DBA::update('user', ['account_removed' => true, 'account_expires_on' => DateTimeFormat::utc('now + 7 day')], ['uid' => $uid]);
Worker::add(PRIORITY_HIGH, 'Notifier', Delivery::REMOVAL, $uid);
'total_users' => 0,
'active_users_halfyear' => 0,
'active_users_monthly' => 0,
+ 'active_users_weekly' => 0,
];
- $userStmt = DBA::p("SELECT `user`.`uid`, `user`.`login_date`, `contact`.`last-item`
- FROM `user`
- INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
- WHERE `user`.`verified`
- AND `user`.`login_date` > ?
- AND NOT `user`.`blocked`
- AND NOT `user`.`account_removed`
- AND NOT `user`.`account_expired`",
- DBA::NULL_DATETIME
- );
-
+ $userStmt = DBA::select('owner-view', ['uid', 'login_date', 'last-item'],
+ ["`verified` AND `login_date` > ? AND NOT `blocked`
+ AND NOT `account_removed` AND NOT `account_expired`",
+ DBA::NULL_DATETIME]);
if (!DBA::isResult($userStmt)) {
return $statistics;
}
$halfyear = time() - (180 * 24 * 60 * 60);
$month = time() - (30 * 24 * 60 * 60);
+ $week = time() - (7 * 24 * 60 * 60);
while ($user = DBA::fetch($userStmt)) {
$statistics['total_users']++;
) {
$statistics['active_users_monthly']++;
}
+
+ if ((strtotime($user['login_date']) > $week) || (strtotime($user['last-item']) > $week)
+ ) {
+ $statistics['active_users_weekly']++;
+ }
}
+ DBA::close($userStmt);
return $statistics;
}
* @param int $count Count of the items per page (Default is @see Pager::ITEMS_PER_PAGE)
* @param string $type The type of users, which should get (all, bocked, removed)
* @param string $order Order of the user list (Default is 'contact.name')
- * @param string $order_direction Order direction (Default is ASC)
+ * @param bool $descending Order direction (Default is ascending)
*
* @return array The list of the users
* @throws Exception
*/
- public static function getUsers($start = 0, $count = Pager::ITEMS_PER_PAGE, $type = 'all', $order = 'contact.name', $order_direction = '+')
+ public static function getList($start = 0, $count = Pager::ITEMS_PER_PAGE, $type = 'all', $order = 'name', bool $descending = false)
{
- $sql_order = '`' . str_replace('.', '`.`', $order) . '`';
- $sql_order_direction = ($order_direction === '+') ? 'ASC' : 'DESC';
-
+ $param = ['limit' => [$start, $count], 'order' => [$order => $descending]];
+ $condition = [];
switch ($type) {
case 'active':
- $sql_extra = 'AND `user`.`blocked` = 0';
+ $condition['account_removed'] = false;
+ $condition['blocked'] = false;
break;
case 'blocked':
- $sql_extra = 'AND `user`.`blocked` = 1';
+ $condition['account_removed'] = false;
+ $condition['blocked'] = true;
+ $condition['verified'] = true;
break;
case 'removed':
- $sql_extra = 'AND `user`.`account_removed` = 1';
- break;
- case 'all':
- default:
- $sql_extra = '';
+ $condition['account_removed'] = true;
break;
}
- $usersStmt = DBA::p("SELECT `user`.*, `contact`.`name`, `contact`.`url`, `contact`.`micro`, `user`.`account_expired`, `contact`.`last-item` AS `lastitem_date`, `contact`.`nick`, `contact`.`created`
- FROM `user`
- INNER JOIN `contact` ON `contact`.`uid` = `user`.`uid` AND `contact`.`self`
- WHERE `user`.`verified` $sql_extra
- ORDER BY $sql_order $sql_order_direction LIMIT ?, ?", $start, $count
- );
-
- return DBA::toArray($usersStmt);
+ return DBA::selectToArray('owner-view', [], $condition, $param);
}
}